In May 2017, ransomware WannaCry created worldwide havoc and panic, exploiting a Windows vulnerability and demanding as much as $300 from users. While this was not the first ransomware attack, we also fear it won’t be the last.
However, understanding the threat and taking simple precautions goes a long way in ensuring you stay safe from such attacks. Our cloud & virtualisation expert, Vijay Sachdeva, answers some quick questions to get you up to speed and prepared against ransomware.
What is ransomware?
Ransomware is a computer program that holds your system ‘to ransom’. In other words, ransomware locks up systems and data and threatens to destroy it if you don’t pay a ransom. Ransomware, like most malicious programs, is often transmitted by email or web pop-ups.
There are different types of ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC. Ransomware can:
- Prevent you from accessing your System.
- Encrypt files so you can’t use them.
- Stop certain apps from running (like your web browser).
What should I do if my computer gets infected with ransomware?
If you are already a victim of ransomware, the first thing to do is disconnect your computer from the internet so it does not infect other machines. Then report the crime to law enforcement and seek help from a technology professional who specialises in data recovery to see what your options might be.
There are few websites like https://www.nomoreransom.org which can guide you if any solution is available. If yes, then also sometimes it can take weeks to decrypt your file.
Which of my systems are more prone to ransomware attacks?
Older operating systems that are no longer supported by Microsoft or any other OEM (e.g. WinXP and win2003) have been found to be most vulnerable to ransomware. However, Microsoft has released patches for other windows OS, which you can find on https://technet.microsoft.com/library/security/ms17-010. It is advisable to install the latest patches immediately, regardless of whether your system is infected or not.
Are cloud users more vulnerable to ransomware?
Cloud users are less vulnerable to ransomware as compared to on-premise datacenter, as we have an extra layer of security devices installed and follow strict access policies across all the cloud offerings.
What precautions should I take against ransomware?
- Always update critical patches and make sure you don’t open unnecessary ports.
- Do not share your windows machine with any infected one.
- Always take daily backup of your critical data and be conscious about phishing attacks and email attachments.
- Once you detect ransomware infection, isolate that computer from the network because it replicates itself throughout the network.
- Enable the in-built volume shadow copy (VSS) feature in Windows. However, most mature ransomware viruses delete or disable any VSS that exists on the computer. Therefore, taking regular backups is always the better solution.
About IndiQus and how we protect our customers.
Being a world class cloud solutions integrator, security measures are core to our cloud solution design and security devices are an integral part of the infrastructure components. Our security layer consists of Gartner listed IPS/IDS, Firewall, UTM, devices etc.
Moreover, we always keep an eye on the security incidents happening globally, regularly patching up devices and backing up important data. We believe knowledge is critical in defeating threats such as ransomware, and we follow a prompt education process in circumstances of such attacks.
We always suggest our customers the following:
- Update your OS with latest security patches released by the OEM.
- Install antivirus software.
- Be wary of suspicious emails and pop-ups.
- Create backups of your data.
We regularly educate our customers about the security parameters mentioned above. Other than this, we also do immediate patching to all our Windows templates as soon as Microsoft releases fixes. We have security analysts on our team who are dedicatedly monitoring security incidents worldwide and taking appropriate measures to mitigate threats.
To know more about security for your cloud setup, get in touch and we’ll schedule a coffee-shop meet or a phone call.